Lovejoy’s Antique Evaluation Web Application You will develop a secure web application for a local antique dealer named Lovejoy. Lovejoy wants a minimum viable product allowing customers to register and then request evaluations of potential antique objects. Lovejoy has many rivals in the antique business who may sometimes resort to underhand tactics and so is very concerned about the security of the application.
Your secure web application will need to have these features for the minimum viable product (MVP) release: user registration and login, a password policy, “request evaluation” page and then an extension of the “request evaluation” page file upload to allow upload of photos. Finally, Lovejoy needs a request listing page. You should build Lovejoy’s MVP focusing on the following features in each task. As well as the code, you should submit a report as described in the appendix below, where you will provide a self-reflection on the security and for each feature. Mark allocation for each task are as described below and in the security analysis grid. You should reflect upon your work and provide estimates of how much you’ve achieved by filling out the marking grid, which if completed will be allocated 5 marks. An example of self-reflection is provided in the Canvas. There are thus 35 marks for completing the application reasonably, 50 marks for the security features identified and implemented, and 5 marks for self-reflection. You have a choice of technologies from which to build the application: • PHP (host it for free on 000webhost or on the AWS) • Java • Python No other approach is allowed. If you are using Java and Python, you should research it yourself to find out where you want to host it.

Task 1 - Develop a secure web form that allows customers to register in the application. They must register an email address, password, name and contact telephone number. The users’ details should be stored in a database.
Code Quality 5 marks Database Design 5 marks

Task 2 - Develop a secure login feature. Code Quality 5 marks

Task 3 – Extend the password management feature to provide password strength recommendations and password recovery. Code Quality 5 marks

Task 4 - Implement a “Request Evaluation” web page only accessible to logged in users. This web page should have a comment box to type in the details of the object and their request, and a dropdown box for preferred method of contact between phone or email. Code Quality 5 marks

Task 5 – Extend the “Request Evaluation” page to allow for file upload of a photo of the object Code Quality 5 marks

Task 6 – Implement a page that displays a list of evaluation requests. This page should only be visible to an administrator role Code Quality 5 marks